Chatterbox

Comments

  • I wouldn't use metasploit exploits.

  • I tried the python exploit and simple payload, but I am still stuck strangely :(

    What shall I do please? This seems an easy box as many have pwned it.

  • Only issue I'm finding with this box is a stable shell, I know the service that needs to be exploited. I get meterpreter very rarely and it usually lasts about 5 seconds

  • @jayt1990 said:
    Only issue I'm finding with this box is a stable shell, I know the service that needs to be exploited. I get meterpreter very rarely and it usually lasts about 5 seconds

    same here

  • @jayt1990 said:
    Only issue I'm finding with this box is a stable shell, I know the service that needs to be exploited. I get meterpreter very rarely and it usually lasts about 5 seconds

    Same here! trying to find the basic payload but it's not working.

  • @cafeitduong said:

    @jayt1990 said:
    Only issue I'm finding with this box is a stable shell, I know the service that needs to be exploited. I get meterpreter very rarely and it usually lasts about 5 seconds

    Same here! trying to find the basic payload but it's not working.

    PM ME

    punish3r

  • In terms of privilege escalation, should we obtain a privileged shell, or just get the root.txt hash?

    Thanks.

  • @fkg0qi said:
    In terms of privilege escalation, should we obtain a privileged shell, or just get the root.txt hash?

    Thanks.

    Let's see. We just have to enter the contents of root.txt. So root.txt content would be enough. But you can spawn a shell for your ego or so :)

    wirehack7

  • Need help, I got the port, the exploit and maybe the payload. But I can't get the session to work. Sometimes I get this error: 10.10.10.74 - Command shell session 1 closed. Reason: Died from Errno::ECONNRESET

  • @furyRoad said:
    Need help, I got the port, the exploit and maybe the payload. But I can't get the session to work. Sometimes I get this error: 10.10.10.74 - Command shell session 1 closed. Reason: Died from Errno::ECONNRESET

    Maybe someone uses a false way.
    Maybe someone should search the forum and read some posts.

    There are way too many hints here for that very easy box.

    wirehack7

  • Unable to scan the VM, can I PM someone to help me?

    Jugulairel

  • @jugulaire said:
    Unable to scan the VM, can I PM someone to help me?

    Use masscan and make sure interface is set to "tun0"

  • I only have 1 reset per day and the exploit works only if someone is not already on it? And the meterpreter shell dies within 5 seconds. The box sucks big time

    halfluke

  • Perhaps auto-migrate to a different process,

    set AutoRunScript post/windows/manage/migrate

  • I forgot, you're correct the box does suck big time :)

  • edited March 2018

    OK, I got root. Apologies to the guy who reset it, I had to hijack his session and run the exploit before him, because it works only once (at least if the previous person doesn't exit properly, and I only have one reset per day). That's why I'm not giving a thumbs up to this box. Sorry. And yes, automigrate

    halfluke

  • Why does metasploit return me "Exploit complete, but no session was created"? I've used allports payload and several others. That one is the only payload that doesn't return me the "No encoders encoded the buffer successfully." error.

  • You don't need metasploit for the exploit. You can use metasploit to receive your shell, but don't use it for the exploit.

  • Your payload is correct but you need to adjust the encoder it seems, under no circumstances would I advocate using msf, you learn little from that approach and it's highly discouraged, but I make an exception with boxes whether intentionally or not are dysfunctional. I'm a little ambivalent when I come across a box like it, which is rare, so here's a riddle, the answer is 'universally mixed', and 'W'e 'M'erry 'I'ndividuals can't just allude to the post local privilege exploit you should use.

  • Pretty sure have the right exploit and used smaller payload to remove the error about no encoders, but still no connect back, tried msf and manual to get a shell back with no luck, have reverted this box so many times, can anyone provide a nudge in the right direction. PM me pls.

  • @frenchish said:
    Pretty sure have the right exploit and used smaller payload to remove the error about no encoders, but still no connect back, tried msf and manual to get a shell back with no luck, have reverted this box so many times, can anyone provide a nudge in the right direction. PM me pls.

    Use google to learn how to migrate your meterpreter's session.

    1nitiative

  • Use google to learn how to migrate your meterpreter's session.

    But I am not using a meterpreter payload, ideally want to get the manual exploit working and have tried with earlier suggestion "set AutoRunScript post/windows/manage/migrate" when using meterpreter payload.

  • There is a much better python exploit that should be used. If you have done your OSCP the buffer overflow payload work should be easy, little customisation.

  • Hey RPSUK, I am using the python exploit customized (don't want to put too much on here, in case of spoilers), even installed a clone environment to test on, could you PM to discuss in more detail?

  • @estihex said:
    I can't find any :( wasted 3 hours with nmap :D hehe

    nmap -sT --min-rate 5000 --max-retries 1 -p-

  • Hi All,
    I got the priv file and I've tried to get system for a long time, however no more progress since then. Could anyone please point me in the right direction?

  • Anybody stuck on scanning for ports PM me; made a bash script to automate it

    -Keep Learning

  • Can I DM someone for this box? I'm not using msf. Have the py exploit, but can't seem to make it work.

    FloptimusCrime

  • Wasn't too hard after reading all the hints on here and figuring out what to do after spawning the shell. Thanks everyone

  • This box was ridiculously easy lol.

    monkeychild
